On Tue, May 8, 2018 at 8:23 PM Tony Langdon <vk3jed(a)vkradio.com> wrote:
> Now that my BGP announced 44.x range is up and running, I'd like to be
> able to make it transparently accessible for tunneled networks. I just
> need to double check a few things.

If you've got it accessible to the internet at large via BGP, it'll also be
accessible from other 44 networks. Without the tunnel mesh, traffic will be
routed through amprgw at UCSD. There used to be a configuration issue that
prohibited this, but it was fixed a few years ago.
You can of course still configure the tunnel mesh if you desire. The
primary benefit of this is reduced latency to gateways not near UCSD.

> First, I know I'd need to run ampr-ripd on the box. I also have non-44
> net addresses to use as the ipip encap endpoint. What else do I need to
> do? Do I need to advertise the subnet as "tunneled" in addition to
> direct in the portal? Anything else?

This should answer your questions:
http://wiki.ampr.org/wiki/Setting_up_a_gateway_on_Linux

> And on a similar note, is there a way to exclude other directly
> connected subnets capable of IPIP tunneling from using a tunnel? (since
> that's obviously not required!)

The way we do this is by importing the 44 networks learned via BGP into our
IGP and prioritizing those over routes learned via ampr-ripd. The route
filter looks something like this on Mikrotik:

/routing filter add action=accept chain=AMPR prefix=44.0.0.0/8 prefix-length=8-32

Now our route table has routes from both BGP and ampr-ripd, with lower
distance on the BGP routes. How you accomplish this will depend on your
implementation, but I hope this gives you an idea.
Tom KD7LXL
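
Added example, not part of the original message or Tom's configuration: a small Python model of the route preference described above, showing that the lower BGP distance only decides between routes for the same prefix, so a more specific prefix learned from ampr-ripd still wins by longest-prefix match. The prefixes, next-hop labels and distance values (20 for BGP, 120 for ampr-ripd) are constructed assumptions, as is the choice to skip BGP routes the filter does not match.

```python
import ipaddress

# Assumed administrative distances (constructed): lower wins for the same prefix.
DISTANCE = {"bgp": 20, "ampr-ripd": 120}
AMPR = ipaddress.ip_network("44.0.0.0/8")

def filter_accepts(prefix):
    """Match rule from the message: prefix=44.0.0.0/8 prefix-length=8-32."""
    net = ipaddress.ip_network(prefix)
    return net.version == 4 and net.subnet_of(AMPR) and 8 <= net.prefixlen <= 32

def build_table(learned):
    """learned: (prefix, source, next_hop) tuples. Keep lowest distance per prefix."""
    table = {}
    for prefix, source, next_hop in learned:
        # Assumption: BGP routes the filter does not match are not imported.
        if source == "bgp" and not filter_accepts(prefix):
            continue
        net = ipaddress.ip_network(prefix)
        best = table.get(net)
        if best is None or DISTANCE[source] < DISTANCE[best[0]]:
            table[net] = (source, next_hop)
    return table

def lookup(table, addr):
    """Longest-prefix match first; distance was already applied per prefix."""
    ip = ipaddress.ip_address(addr)
    matches = [net for net in table if ip in net]
    if not matches:
        return None
    net = max(matches, key=lambda n: n.prefixlen)
    return (str(net),) + table[net]

# Constructed sample routes (not real allocations or real next hops).
ROUTES = [
    ("44.10.0.0/16", "ampr-ripd", "tunl0"),   # same prefix from both sources
    ("44.10.0.0/16", "bgp", "direct"),
    ("44.10.5.0/24", "ampr-ripd", "tunl0"),   # more specific, tunnel only
    ("44.20.0.0/16", "ampr-ripd", "tunl0"),   # not announced via BGP
    ("192.0.2.0/24", "bgp", "direct"),        # outside 44/8, filter does not match
]
TABLE = build_table(ROUTES)

if __name__ == "__main__":
    for addr in ("44.10.1.1", "44.10.5.9", "44.20.0.1", "192.0.2.1"):
        print(addr, "->", lookup(TABLE, addr))
```

If a directly reachable subnet still ends up on the tunnel, check whether ampr-ripd is supplying a longer prefix than the one learned via BGP.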